# CLAUDE.md — shakcorp ## Git Workflow - **Always commit and push directly to `main`.** No feature branches, no `claude/*` branches, no PRs, no review gates. Shak is the sole maintainer. - This applies even if the repo is dead/legacy/dormant — if there's any reason to touch it at all, push to `main`. ## Quick Facts - **Domain:** shakcorp.com (CF-proxied, zone `96d1cfe5d635e2b24e97d7b963abf15c`) - **Notable subdomain:** `mcp.shakcorp.com` (A-record id `9434fc35ec20c569b903f6625ec68a37`) — serves the shakcorp-mcp remote MCP server at 127.0.0.1:8765 via Apache reverse proxy. - **Stack:** vanilla PHP / static (mostly a redirect façade) - **cPanel account:** `shakcorp` - **Web root:** `/home/shakcorp/public_html/` (~24 GB of mixed archival content) - **Repo:** github.com/shakibkhou/shakcorp (SSH remote, `main`) - **Owner:** Shak Shakibkhou ## Current State Query live state: ```bash ssh shakcorp "cd /home/shakcorp/public_html && git log --oneline -5 && git status --short" ``` Scan baseline: `Critical findings: 0`. The repo has only `480ee09 Initial commit - import live site` — working tree is dirty with several `.htaccess.*` cPanel-upgrade snapshots. The real operational tenant on this account is the **mcp subdomain**, not the apex content. ## Deploy No active GitHub Actions pipeline for content. The mcp subdomain's Node service deploys via `deploy.sh` in the shakcorp-mcp repo, not this repo. ## Known Gotchas - **Apex should 301 → shakwg.com** in normal operation. If `curl -I https://shakcorp.com/` returns 200 with weird content, a legacy `.htaccess` or `index.*` file is shadowing the redirect. - **`mcp.shakcorp.com` userdata vhost is bound to 162.241.6.107**, not 127.0.0.1. Local curl tests must use `--resolve` or hit the public URL. - **Apache userdata conf for mcp:** `/etc/apache2/conf.d/userdata/{std,ssl}/2_4/shakcorp/mcp.shakcorp.com/shakcorp-mcp.conf` — breaks MCP if edited wrong. - **24 GB tree, mostly unserved.** Be surgical about what you scan, edit, or delete. ## Do Not Touch - `/etc/apache2/conf.d/userdata/{std,ssl}/2_4/shakcorp/mcp.shakcorp.com/shakcorp-mcp.conf` — edits here can take the MCP server offline from the internet. - `/home/shakcorp/public_html/mcp/` — placeholder docroot; content here doesn't serve (Apache proxies past it). - `.htaccess`, `.htaccess.phpupgrader.*`, `.ftpquota` — cPanel-managed artifacts; uncommitted modifications are expected. - `/var/cpanel/ssl/apache_tls/mcp.shakcorp.com/combined` — AutoSSL-managed cert. ## Common Tasks **Confirm MCP subdomain is healthy** ```bash curl -sS https://mcp.shakcorp.com/health ``` **Confirm apex redirect** ```bash curl -sI https://shakcorp.com/ | head -5 ``` **List DNS records for the zone** ```bash ssh shakcorp "/root/cf-curl.sh GET /zones/96d1cfe5d635e2b24e97d7b963abf15c/dns_records | python3 -m json.tool | head -40" ``` **Restart the MCP service (affects mcp.shakcorp.com)** ```bash ssh shakcorp "systemctl restart shakcorp-mcp && systemctl status shakcorp-mcp --no-pager | head -8" ``` **Full skill reference:** `shakcorp-site` in github.com/shakibkhou/shak-skills. ## MCP Tools Reference shakcorp-mcp currently exposes **29 tools** (v0.7.0): - **16 core ops:** bash_exec, file_{read,write,list}, cf_api, dns_record, run_scan, list_sites, git_status, deploy_{trigger,status,verify}, git_sync_folder, cpanel_uapi, whm_api, webhook_wait - **9 infra hardening:** config_scan, cron_inventory, file_write_verified, bulk_grep, bulk_replace, multi_site_health, log_tail, ssl_audit, domain_expiry_whois - **4 SE Ranking:** seranking_list_sites, seranking_site_detail, seranking_quota, seranking_keyword_research Canonical tool docs: - **Skill (Claude auto-loads):** `/mnt/skills/user/shakcorp-mcp-tools/SKILL.md` - **Server-side reference:** `/root/shakcorp-mcp/TOOLS.md` - **Source:** `/root/shakcorp-mcp/dist/tools/*.js` Critical operational rules: - Use `file_write_verified` (not `file_write`) for any production upload. - Run `config_scan` before any multi-account deploy change. - `bulk_replace` preview → apply, never cold apply. - SE Ranking Data API (`seranking_keyword_research`) costs credits; Project API tools are free.